Bigfix Modern Client Management CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-0274	1 Hcltech	2 Bigfix Mobile, Bigfix Modern Client Management	2025-10-21	5.3 Medium
HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVE-2025-0275	1 Hcltech	2 Bigfix Mobile, Bigfix Modern Client Management	2025-10-21	5.3 Medium
HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVE-2025-0277	1 Hcltech	2 Bigfix Mobile, Bigfix Modern Client Management	2025-10-21	6.5 Medium
HCL BigFix Mobile 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.
CVE-2025-0276	1 Hcltech	2 Bigfix Mobile, Bigfix Modern Client Management	2025-10-21	6.5 Medium
HCL BigFix Modern Client Management (MCM) 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.
CVE-2023-28025	1 Hcltech	1 Bigfix Modern Client Management	2024-11-21	6.6 Medium
Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.
CVE-2021-27783	1 Hcltech	2 Bigfix Mobile, Bigfix Modern Client Management	2024-11-21	6.8 Medium
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.

Page 1 of 1.